ProjectWise DMSKRNL.cfg Database Encryption

At the bottom of the dmskrl.cfg file,  you may have noticed the following three lines.

DBUserName=db_username  (database login)

DBUsrPwdDecrypt=4  or 5    (depending on PW version)



This section is for the database user account used by the ProjectWise Integration server to connect to the database. You can see the user account name (DBUserName = ) and you will need to know the

Notice that the dbuser id is in plain text but the password is encrypted.

Two symptoms you may run into if the Integration server is having trouble with the DB password.


1. The option in ProjectWise Administrator will be grayed out (PW Administrator | datasource | properties | database users tab) and you will not be able to change it.

    2. You will get a Last Error 56057 Cannot login to the datasource. Database authorization failure. This is when you try to login via ProjectWise Explorer or ProjectWise Administrator.


    To fix these you can change the value of the “DBUsrPwdDecrypt”  in the dmskrnl.cfg file to 0 which will allow you to reset the Database user account password to
    plain text.  You can now see the password in plain text.  After restarting the Integration service it goes back to encrypted. The steps to test/perform this reset are as follows:


    1. open the file c:\program files\Bentley\projectwise\bin\dmskrnl.cfg in notepad, and go to the end of the file

    2. Locate your datasource and find the line “DBUsrPwdDecrypt=”

    3. Change this value to 0 and enter the correct DB password for that ID

    4. Save the file and restart the PW Integration server

    Now open up the dmskrnl file again and go to the bottom. The value of DBUsrPWDecrypt will have changed from 0 to 4 or 5 and the password is encrypted

    ; Example configuration for a ProjectWise Integration Server
    ;Description=<"Real" Datasource name>
    ;Name=<ODBC data source name>
    ;InterfaceType=ODBC (always)
    ;Type=<Database type Microsoft SQL Server|Oracle>
    ;DBUserName=<DB username>
    ;DBUserPassword=<DB password>
    ;DBUsrPwdDecrypt=<crypt type (set by server, enter 0 to reencrypt a plaintext password)>
    ;DisableAuditTruncation=1 (optional, use to disable audit trail truncation in a load-balanced configuration)
    ;Comma separated list of IMS service identities, which are defined below.
    ;ImsServiceIdentities=<Optional, use it when querying of IMS for users is needed. Multiple identities can be specified: imsSi1,imsSi2,..>